Communications That IPSec Doesnâ€™t Secure

Because IP Security (IPSec) secures IP traffic between end systems, some network trafficâ€” principally non-IP traffic such as DHCP and Address Resolution Protocol (ARP)â€”goes unencrypted. If you want to prevent such traffic, you can use static IP addresses for each wireless station and use the Arp command to manually map IP addresses to media access control (MAC) addresses.

You might also see unencrypted NetBIOS traffic (to enable browsing, some stations broadcast NetBIOS traffic to all stations on a LAN). To prevent this traffic, turn off browser announcements from your servers and wireless stations or, better yet, disable NetBIOS.

Related Articles

John Savill's Hyper-V Master Class

Join John Savill for 12 hours of comprehensive Hyper-V training. This master-level online training course will explore all the key aspects of a Hyper-V based virtualization environment covering both current capabilities in Windows Server 2012 R2 and looking at the future with Windows Server vNext.